mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00
Code Issues Releases Wiki Activity

Move the file digest code out of match.c and into filedigest.c.

Browse Source 
Inspired by RedHat changes that used libgcrypt.
Also add digest_type_to_name() to map a sudo digest type (int)
to a name (string) and use it.
This commit is contained in:
Todd C. Miller 2017-02-20 16:44:12 -07:00
parent 00b76afe46
commit b5e7b7bd2c
9 changed files with 258 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
MANIFEST
View File

@ -260,8 +260,10 @@ plugins/sudoers/def_data.h
plugins/sudoers/def_data.in plugins/sudoers/def_data.in
plugins/sudoers/defaults.c plugins/sudoers/defaults.c
plugins/sudoers/defaults.h plugins/sudoers/defaults.h
plugins/sudoers/digestname.c
plugins/sudoers/editor.c plugins/sudoers/editor.c
plugins/sudoers/env.c plugins/sudoers/env.c
plugins/sudoers/filedigest.c
plugins/sudoers/find_path.c plugins/sudoers/find_path.c
plugins/sudoers/gc.c plugins/sudoers/gc.c
plugins/sudoers/gentime.c plugins/sudoers/gentime.c

26
plugins/sudoers/Makefile.in
View File

@ -150,11 +150,11 @@ TEST_PROGS = check_iolog_path check_fill check_wrap check_addr check_digest \
AUTH_OBJS = sudo_auth.lo @AUTH_OBJS@ AUTH_OBJS = sudo_auth.lo @AUTH_OBJS@
LIBPARSESUDOERS_OBJS = alias.lo audit.lo base64.lo defaults.lo gentime.lo \ LIBPARSESUDOERS_OBJS = alias.lo audit.lo base64.lo defaults.lo digestname.lo \
hexchar.lo gmtoff.lo gram.lo match.lo match_addr.lo \ filedigest.lo gentime.lo gmtoff.lo gram.lo hexchar.lo \
pwutil.lo pwutil_impl.lo rcstr.lo redblack.lo \ match.lo match_addr.lo pwutil.lo pwutil_impl.lo \
sudoers_debug.lo timeout.lo timestr.lo toke.lo \ rcstr.lo redblack.lo sudoers_debug.lo timeout.lo \
toke_util.lo timestr.lo toke.lo toke_util.lo
SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo editor.lo env.lo find_path.lo \ SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo editor.lo env.lo find_path.lo \
gc.lo goodpath.lo group_plugin.lo interfaces.lo iolog.lo \ gc.lo goodpath.lo group_plugin.lo interfaces.lo iolog.lo \
@ -656,6 +656,11 @@ defaults.lo: $(srcdir)/defaults.c $(devdir)/def_data.c $(devdir)/def_data.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \ $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h $(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/defaults.c $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/defaults.c
digestname.lo: $(srcdir)/digestname.c $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_queue.h $(srcdir)/parse.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/digestname.c
editor.lo: $(srcdir)/editor.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \ editor.lo: $(srcdir)/editor.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \ $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
@ -674,6 +679,17 @@ env.lo: $(srcdir)/env.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h $(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/env.c $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/env.c
filedigest.lo: $(srcdir)/filedigest.c $(devdir)/def_data.h \
$(incdir)/compat/sha2.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/filedigest.c
find_path.lo: $(srcdir)/find_path.c $(devdir)/def_data.h \ find_path.lo: $(srcdir)/find_path.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \ $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \

50
plugins/sudoers/digestname.c Normal file
View File

@ -0,0 +1,50 @@
/*
* Copyright (c) 2017 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <config.h>
#include <sys/types.h>
#include <stdio.h>
#include "sudo_compat.h"
#include "sudoers_debug.h"
#include "parse.h"
const char *
digest_type_to_name(int digest_type)
{
const char *digest_name;
debug_decl(digest_type_to_name, SUDOERS_DEBUG_UTIL)
switch (digest_type) {
case SUDO_DIGEST_SHA224:
digest_name = "sha224";
break;
case SUDO_DIGEST_SHA256:
digest_name = "sha256";
break;
case SUDO_DIGEST_SHA384:
digest_name = "sha384";
break;
case SUDO_DIGEST_SHA512:
digest_name = "sha512";
break;
default:
digest_name = "unknown digest";
break;
}
debug_return_const_str(digest_name);
}

142
plugins/sudoers/filedigest.c Normal file
View File

@ -0,0 +1,142 @@
/*
* Copyright (c) 2017 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <config.h>
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#ifdef HAVE_STRING_H
# include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif /* HAVE_STRINGS_H */
#if defined(HAVE_STDINT_H)
# include <stdint.h>
#elif defined(HAVE_INTTYPES_H)
# include <inttypes.h>
#endif
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
#include "sudoers.h"
#include "parse.h"
#ifdef HAVE_SHA224UPDATE
# include <sha2.h>
#else
# include "compat/sha2.h"
#endif
static struct digest_function {
const unsigned int digest_len;
void (*init)(SHA2_CTX *);
#ifdef SHA2_VOID_PTR
void (*update)(SHA2_CTX *, const void *, size_t);
void (*final)(void *, SHA2_CTX *);
#else
void (*update)(SHA2_CTX *, const unsigned char *, size_t);
void (*final)(unsigned char *, SHA2_CTX *);
#endif
} digest_functions[] = {
{
SHA224_DIGEST_LENGTH,
SHA224Init,
SHA224Update,
SHA224Final
}, {
SHA256_DIGEST_LENGTH,
SHA256Init,
SHA256Update,
SHA256Final
}, {
SHA384_DIGEST_LENGTH,
SHA384Init,
SHA384Update,
SHA384Final
}, {
SHA512_DIGEST_LENGTH,
SHA512Init,
SHA512Update,
SHA512Final
}, {
0
}
};
unsigned char *
sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_len)
{
struct digest_function *func = NULL;
unsigned char *file_digest = NULL;
unsigned char buf[32 * 1024];
size_t nread;
SHA2_CTX ctx;
int i, fd2;
FILE *fp = NULL;
debug_decl(sudo_filedigest, SUDOERS_DEBUG_UTIL)
for (i = 0; digest_functions[i].digest_len != 0; i++) {
if (digest_type == i) {
func = &digest_functions[i];
break;
}
}
if (func == NULL) {
sudo_warnx(U_("unsupported digest type %d for %s"), digest_type, file);
goto bad;
}
if ((fd2 = dup(fd)) == -1) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to dup %s: %s",
file, strerror(errno));
goto bad;
}
if ((fp = fdopen(fd2, "r")) == NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to fdopen %s: %s",
file, strerror(errno));
close(fd2);
goto bad;
}
if ((file_digest = malloc(func->digest_len)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto bad;
}
func->init(&ctx);
while ((nread = fread(buf, 1, sizeof(buf), fp)) != 0) {
func->update(&ctx, buf, nread);
}
if (ferror(fp)) {
sudo_warnx(U_("%s: read error"), file);
goto bad;
}
func->final(file_digest, &ctx);
fclose(fp);
*digest_len = func->digest_len;
debug_return_ptr(file_digest);
bad:
free(file_digest);
if (fp != NULL)
fclose(fp);
debug_return_ptr(NULL);
}

6
plugins/sudoers/ldap.c
View File

@ -968,10 +968,8 @@ sudo_ldap_extract_digest(char **cmnd, struct sudo_digest *digest)
cp++; cp++;
*cmnd = cp; *cmnd = cp;
DPRINTF1("%s digest %s for %s", DPRINTF1("%s digest %s for %s",
digest_type == SUDO_DIGEST_SHA224 ? "sha224" : digest_type_to_name(digest_type),
digest_type == SUDO_DIGEST_SHA256 ? "sha256" : digest->digest_str, cp);
digest_type == SUDO_DIGEST_SHA384 ? "sha384" :
"sha512", digest->digest_str, cp);
debug_return_ptr(digest); debug_return_ptr(digest);
} }
} }

134
plugins/sudoers/match.c
View File

@ -69,11 +69,6 @@
#else #else
# include "compat/fnmatch.h" # include "compat/fnmatch.h"
#endif /* HAVE_FNMATCH */ #endif /* HAVE_FNMATCH */
#ifdef HAVE_SHA224UPDATE
# include <sha2.h>
#else
# include "compat/sha2.h"
#endif
#if !defined(O_SEARCH) && defined(O_PATH) #if !defined(O_SEARCH) && defined(O_PATH)
# define O_SEARCH O_PATH # define O_SEARCH O_PATH
@ -723,127 +718,62 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, const
} }
#else /* !SUDOERS_NAME_MATCH */ #else /* !SUDOERS_NAME_MATCH */
static struct digest_function {
const char *digest_name;
const unsigned int digest_len;
void (*init)(SHA2_CTX *);
#ifdef SHA2_VOID_PTR
void (*update)(SHA2_CTX *, const void *, size_t);
void (*final)(void *, SHA2_CTX *);
#else
void (*update)(SHA2_CTX *, const unsigned char *, size_t);
void (*final)(unsigned char *, SHA2_CTX *);
#endif
} digest_functions[] = {
{
"SHA224",
SHA224_DIGEST_LENGTH,
SHA224Init,
SHA224Update,
SHA224Final
}, {
"SHA256",
SHA256_DIGEST_LENGTH,
SHA256Init,
SHA256Update,
SHA256Final
}, {
"SHA384",
SHA384_DIGEST_LENGTH,
SHA384Init,
SHA384Update,
SHA384Final
}, {
"SHA512",
SHA512_DIGEST_LENGTH,
SHA512Init,
SHA512Update,
SHA512Final
}, {
NULL
}
};
static bool static bool
digest_matches(int fd, const char *file, const struct sudo_digest *sd) digest_matches(int fd, const char *file, const struct sudo_digest *sd)
{ {
unsigned char file_digest[SHA512_DIGEST_LENGTH]; unsigned char *file_digest = NULL;
unsigned char sudoers_digest[SHA512_DIGEST_LENGTH]; unsigned char *sudoers_digest = NULL;
unsigned char buf[32 * 1024]; bool matched = false;
struct digest_function *func = NULL; size_t digest_len;
size_t nread;
SHA2_CTX ctx;
FILE *fp;
int fd2;
unsigned int i;
debug_decl(digest_matches, SUDOERS_DEBUG_MATCH) debug_decl(digest_matches, SUDOERS_DEBUG_MATCH)
for (i = 0; digest_functions[i].digest_name != NULL; i++) { file_digest = sudo_filedigest(fd, file, sd->digest_type, &digest_len);
if (sd->digest_type == i) { if (file_digest == NULL) {
func = &digest_functions[i]; /* Warning (if any) printed by sudo_filedigest() */
break; goto done;
}
} }
if (func == NULL) {
sudo_warnx(U_("unsupported digest type %d for %s"), sd->digest_type, file); /* Convert the command digest from ascii to binary. */
debug_return_bool(false); if ((sudoers_digest = malloc(digest_len)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto done;
} }
if (strlen(sd->digest_str) == func->digest_len * 2) { if (strlen(sd->digest_str) == digest_len * 2) {
/* Convert the command digest from ascii hex to binary. */ /* Convert ascii hex to binary. */
for (i = 0; i < func->digest_len; i++) { unsigned int i;
for (i = 0; i < digest_len; i++) {
const int h = hexchar(&sd->digest_str[i + i]); const int h = hexchar(&sd->digest_str[i + i]);
if (h == -1) if (h == -1)
goto bad_format; goto bad_format;
sudoers_digest[i] = (unsigned char)h; sudoers_digest[i] = (unsigned char)h;
} }
} else { } else {
size_t len = base64_decode(sd->digest_str, sudoers_digest, /* Convert base64 to binary. */
sizeof(sudoers_digest)); size_t len = base64_decode(sd->digest_str, sudoers_digest, digest_len);
if (len != func->digest_len) { if (len != digest_len) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"incorrect length for digest, expected %u, got %zu", "incorrect length for digest, expected %zu, got %zu",
func->digest_len, len); digest_len, len);
goto bad_format; goto bad_format;
} }
} }
if ((fd2 = dup(fd)) == -1) { if (memcmp(file_digest, sudoers_digest, digest_len) == 0) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to dup %s: %s", matched = true;
file, strerror(errno)); } else {
debug_return_bool(false);
}
if ((fp = fdopen(fd2, "r")) == NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO, "unable to open %s: %s",
file, strerror(errno));
close(fd2);
debug_return_bool(false);
}
func->init(&ctx);
while ((nread = fread(buf, 1, sizeof(buf), fp)) != 0) {
func->update(&ctx, buf, nread);
}
if (ferror(fp)) {
sudo_warnx(U_("%s: read error"), file);
fclose(fp);
debug_return_bool(false);
}
func->final(file_digest, &ctx);
if (memcmp(file_digest, sudoers_digest, func->digest_len) != 0) {
fclose(fp);
sudo_debug_printf(SUDO_DEBUG_DIAG|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_DIAG|SUDO_DEBUG_LINENO,
"%s digest mismatch for %s, expecting %s", "%s digest mismatch for %s, expecting %s",
func->digest_name, file, sd->digest_str); digest_type_to_name(sd->digest_type), file, sd->digest_str);
debug_return_bool(false);
} }
goto done;
fclose(fp);
debug_return_bool(true);
bad_format: bad_format:
sudo_warnx(U_("digest for %s (%s) is not in %s form"), file, sudo_warnx(U_("digest for %s (%s) is not in %s form"), file,
sd->digest_str, func->digest_name); sd->digest_str, digest_type_to_name(sd->digest_type));
debug_return_bool(false); done:
free(sudoers_digest);
free(file_digest);
debug_return_bool(matched);
} }
static bool static bool

6
plugins/sudoers/parse.h
View File

@ -290,4 +290,10 @@ long get_gmtoff(time_t *clock);
/* gentime.c */ /* gentime.c */
time_t parse_gentime(const char *expstr); time_t parse_gentime(const char *expstr);
/* filedigest.c */
unsigned char *sudo_filedigest(int fd, const char *file, int digest_type, size_t *digest_len);
/* digestname.c */
const char *digest_type_to_name(int digest_type);
#endif /* SUDOERS_PARSE_H */ #endif /* SUDOERS_PARSE_H */

6
plugins/sudoers/sssd.c
View File

@ -1059,10 +1059,8 @@ sudo_sss_extract_digest(char **cmnd, struct sudo_digest *digest)
*cmnd = cp; *cmnd = cp;
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
"%s digest %s for %s", "%s digest %s for %s",
digest_type == SUDO_DIGEST_SHA224 ? "sha224" : digest_type_to_name(digest_type),
digest_type == SUDO_DIGEST_SHA256 ? "sha256" : digest->digest_str, cp);
digest_type == SUDO_DIGEST_SHA384 ? "sha384" :
"sha512", digest->digest_str, cp);
debug_return_ptr(digest); debug_return_ptr(digest);
} }
} }

18
plugins/sudoers/visudo_json.c
View File

@ -254,23 +254,7 @@ print_command_json(FILE *fp, struct member *m, int indent, bool last_one)
/* Optional digest. */ /* Optional digest. */
if (c->digest != NULL) { if (c->digest != NULL) {
fputs(",\n", fp); fputs(",\n", fp);
switch (c->digest->digest_type) { digest_name = digest_type_to_name(c->digest->digest_type);
case SUDO_DIGEST_SHA224:
digest_name = "sha224";
break;
case SUDO_DIGEST_SHA256:
digest_name = "sha256";
break;
case SUDO_DIGEST_SHA384:
digest_name = "sha384";
break;
case SUDO_DIGEST_SHA512:
digest_name = "sha512";
break;
default:
digest_name = "invalid digest";
break;
}
value.type = JSON_STRING; value.type = JSON_STRING;
value.u.string = c->digest->digest_str; value.u.string = c->digest->digest_str;
print_pair_json(fp, NULL, digest_name, &value, NULL, indent); print_pair_json(fp, NULL, digest_name, &value, NULL, indent);